from enum import Enum


class VulnerabilityEnum(Enum):
    sql_injection = [
        "select", "insert", "update", "delete", "drop", "truncate",
        "union", "or", "and", "where", "limit", "order by", "group by",
        "having", "sleep(", "benchmark(", "if(", "exec", "declare", "cast(",
        "information_schema", "--", "#", "/*", "*/"
    ]

    cmd_injection = [
        ";", "&&", "||", "`", "$(", "cmd.exe", "powershell", "bash -c",
        "exec", "system(", "eval(", "|", "|dir", ";cat /etc/passwd",
        "wget", "curl", "nc"
    ]

    xxe_attack = [
        "file://", "http://", "https://", "ldap://", "ftp://", "dict://",
        "php://", "data://", "jar://", "nfs://"
    ]

    xss_attack = [
        "<script>", "</script>", "javascript:", "onload", "alert(", "eval(",
        "img src=", "onerror", "<iframe", "iframe>", "src=", "document.cookie",
        "onmouseover", "onfocus", "onblur"
    ]

    sensitive_data = [
        "creditcard", "api_key", "password", "ssn", "socialsecurity", "pin",
        "secret", "token", "access_token", "private_key", "secret_key", "pwd",
        "passwd", "account", "login", "bank", "cvv"
    ]

    deserialize = [
        "deserialize", "unserialize", "serializable", "java.io.Serializable",
        "pickle.loads", "marshal.load", "unpickle", "fromJson", "readObject"
    ]

    log_injection = [
        "%A", "%D", "%n", "%x", "%p", "%s"
    ]

    @classmethod
    def get_default_value_map(cls):
        return [f"{item.name}_exist" for item in list(VulnerabilityEnum)] + [f"{item.name}_count" for item in
                                                                             list(VulnerabilityEnum)]
